If you ever worked in tech support you know that there are users who have to use computers without having a clue what is going on. Those users open a website by entering its url in the search form, click on links in emails, open attachments and do many other things that experienced computer users call foolish or at least a security risk.
I have met many PC users who could not tell me on which website they were currently on and it took a lot of navigating around before they could tell me.
This guide is for those users. It will explain how to find out on which website you are and if it is the right website. This may sound trivial to experienced users but believe me when I say that it can benefit inexperienced users.
This guide will use Microsoft’s Internet Explorer 8 web browser. Other web browsers, like Firefox, usually have a similar layout.
Two areas of the web browser are of uttermost importance to determine the current website: The header bar and the status bar. Click on the image below to see it in full resolution:
- Title Bar: This contains text that the owner of the website can specify. This cannot be used to identify a website.
- Address Bar: This contains the address of the website. This is being used to identify the website.
- Search Form: Ability to perform a search in one of the configured search engines
- Bookmarks: The user’s bookmarks
- Open Websites: The websites that are open currently in Internet Explorer. Each website is displayed in its own tab
- Status Bar: This can provides additional information about a website
The two bars that we need for identifying the website are the address bar and the status bar.
The address bar will list a website in the form http://www.loginhelper.com/. This address is made up of several important parts.
- http:// – This defines the protocol that is used to access the website. Websites are either accessed via the http:// or https:// protocol
- www. – A website can but does not have to use www. in front of the domain name
- loginhelper.com/ – The domain name
Another example of a web address is https://www.paypal.com/de/cgi-bin/webscr?cmd=_login-run&mpch=ads
- https:// – This is a secure website which basically means that the website uses encryption when exchanging data with the connected user.
- www. – same as above
- paypal.com/ – same as above
- de/cgi-bin/webscr?cmd=_login-run&mpch=ads – a distinct page on the website.
The most important part of any web address is the part from the beginning to the third slash, e.g. https://www.paypal.com/ or http://www.loginhelper.com/. This part defines the website (or more precisely domain) the user is currently on.
- Financial websites, shopping sites, email providers and sites where personal information are posted usually offer the https:// protocol instead of http. This is true for popular services such as Gmail or PayPal. Make sure https:// is shown in the address bar.
- Web browsers indicate https:// websites with a locked padlock on the page. That padlock can appear in the address bar or the status bar of the web browser
- www. paypal.com and paypal.com can be the same website but do not have to be. They are however always run by the same company
- Always type in the domain name (that is http://www.paypal.com/ or https://www.paypal.com/ in the address bar and not the search form or any other location in the web browser.
- A password manager like Last Pass can improve the security of the system as it will only log the user in the service if it is the right service and not a phishing or fake website.
Do you have additional tips that can help verify a website?